Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/XUfZERtRoU55060-LHCgMQo7q30.roa
File: XUfZERtRoU55060-LHCgMQo7q30.roa (raw, json)
Hash identifier: 6UYylDW/2on0BXmNV3yOdapMiIlHYGWsZzylqys/ShA=
Subject key identifier: 5D:47:D9:11:1B:51:A1:4E:79:D3:AD:3E:2C:70:A0:31:0A:3B:AB:7D
Certificate issuer: /CN=71b6d0e0072d0cab29bfa8737de2a53e51418276
Certificate serial: 018BB87EC4A9BB59DA1116DDBF20CC2B9687
Authority key identifier: 71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/XUfZERtRoU55060-LHCgMQo7q30.roa
Signing time: Fri 10 Nov 2023 09:09:57 +0000
ROA not before: Fri 10 Nov 2023 09:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208718
IP address blocks: 45.87.192.0/24 maxlen: 24
45.87.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:7e:c4:a9:bb:59:da:11:16:dd:bf:20:cc:2b:96:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71b6d0e0072d0cab29bfa8737de2a53e51418276
Validity
Not Before: Nov 10 09:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d47d9111b51a14e79d3ad3e2c70a0310a3bab7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:ed:51:72:f0:de:b7:08:15:8b:0c:0d:6a:
55:c0:13:e1:37:61:46:27:1a:b3:89:f2:97:db:23:
dd:88:8c:03:d7:94:10:b4:27:45:4d:65:5d:ce:d0:
60:ef:2e:58:a7:f5:62:be:5c:e5:1a:6b:c7:8d:81:
0b:a1:a9:d4:02:4f:2c:2a:4e:9d:85:8d:f1:fa:92:
85:62:59:b5:60:57:bd:85:50:f5:32:3e:9f:fa:75:
a4:2c:33:e6:f9:34:56:25:39:91:c2:c4:2c:49:d4:
0d:2f:48:ab:c1:ff:ac:76:47:75:6b:c1:20:74:32:
08:94:32:7e:00:f0:62:b7:69:c9:84:84:94:86:5d:
f8:b6:3c:82:a1:cb:f7:ea:e8:5d:2a:1c:30:16:ba:
50:7e:5f:ab:41:d5:ec:87:54:fe:a9:8c:3f:fa:20:
d2:3d:7a:76:76:2a:bd:6f:e9:bd:73:f4:5e:f4:ef:
9b:0c:d2:3b:4e:2e:e9:33:b8:97:3d:fe:cc:54:1c:
92:e5:9e:d8:9d:e8:b2:3e:2f:1b:21:c1:00:df:d0:
a8:bc:a4:6f:1a:f6:3a:b5:da:14:63:ab:70:5c:67:
5a:0b:c4:55:4c:2b:e0:e8:71:55:f7:5c:92:06:ac:
b1:b5:b7:ab:98:50:4f:87:8b:1e:2f:a9:62:95:52:
04:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:47:D9:11:1B:51:A1:4E:79:D3:AD:3E:2C:70:A0:31:0A:3B:AB:7D
X509v3 Authority Key Identifier:
keyid:71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/XUfZERtRoU55060-LHCgMQo7q30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/cbbQ4ActDKspv6hzfeKlPlFBgnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.192.0/23
Signature Algorithm: sha256WithRSAEncryption
57:11:33:8a:84:94:35:51:33:36:9e:af:d5:ae:4f:26:d7:1a:
86:5e:cc:db:77:51:03:e3:7a:a5:5e:69:7a:d2:d2:9a:05:f5:
a9:b1:62:fd:99:38:28:ae:06:f5:6c:a2:f4:75:a4:91:7a:63:
cd:44:46:77:ad:9e:62:f5:0e:a8:7f:f8:05:8e:7c:5b:92:ef:
bd:e8:b1:fc:62:d2:a8:f9:a8:bf:24:f2:29:31:5a:f6:df:f9:
ee:5c:19:09:4c:3b:d8:bf:62:96:8d:08:aa:6e:81:32:b6:dd:
57:05:bf:9f:33:b8:8f:82:df:94:53:6d:56:d3:1e:ff:34:92:
89:8d:ac:e1:7a:46:5a:06:d1:c1:16:26:45:1d:f2:82:45:37:
d6:23:3d:a3:30:df:4e:21:f9:a7:9c:a9:b6:8c:a7:7d:63:f2:
47:15:19:af:9d:75:1d:ab:fe:11:8b:d5:80:25:8b:18:ea:18:
2b:c7:a4:33:4a:c0:5c:73:c8:01:c3:81:5c:be:e3:a5:24:bb:
ff:c0:f1:7e:00:3c:98:bd:6f:e0:46:fd:34:90:dd:b6:d9:06:
e3:d0:27:a3:bc:1d:af:ef:68:ed:ce:a5:6d:86:01:78:74:da:
db:e8:80:d5:42:98:5b:bf:fd:4b:6b:c9:ab:a3:84:c3:e4:b1:
75:d4:41:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu4fsSpu1naERbdvyDMK5aHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYjZkMGUwMDcyZDBjYWIyOWJmYTg3MzdkZTJhNTNlNTE0
MTgyNzYwHhcNMjMxMTEwMDkwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQ3ZDkxMTFiNTFhMTRlNzlkM2FkM2UyYzcwYTAzMTBhM2JhYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywTtUXLw3rcIFYsMDWpVwBPhN2FG
JxqzifKX2yPdiIwD15QQtCdFTWVdztBg7y5Yp/VivlzlGmvHjYELoanUAk8sKk6d
hY3x+pKFYlm1YFe9hVD1Mj6f+nWkLDPm+TRWJTmRwsQsSdQNL0irwf+sdkd1a8Eg
dDIIlDJ+APBit2nJhISUhl34tjyCocv36uhdKhwwFrpQfl+rQdXsh1T+qYw/+iDS
PXp2diq9b+m9c/Re9O+bDNI7Ti7pM7iXPf7MVByS5Z7YneiyPi8bIcEA39CovKRv
GvY6tdoUY6twXGdaC8RVTCvg6HFV91ySBqyxtbermFBPh4seL6lilVIEHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1H2REbUaFOedOtPixwoDEKO6t9MB8GA1UdIwQY
MBaAFHG20OAHLQyrKb+oc33ipT5RQYJ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYt
YjFmY2YzODk2OTk5LzEvWFVmWkVSdFJvVTU1MDYwLUxIQ2dNUW83cTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYtYjFmY2YzODk2OTk5
LzEvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVfAMA0G
CSqGSIb3DQEBCwUAA4IBAQBXETOKhJQ1UTM2nq/Vrk8m1xqGXszbd1ED43qlXml6
0tKaBfWpsWL9mTgorgb1bKL0daSRemPNREZ3rZ5i9Q6of/gFjnxbku+96LH8YtKo
+ai/JPIpMVr23/nuXBkJTDvYv2KWjQiqboEytt1XBb+fM7iPgt+UU21W0x7/NJKJ
jazhekZaBtHBFiZFHfKCRTfWIz2jMN9OIfmnnKm2jKd9Y/JHFRmvnXUdq/4Ri9WA
JYsY6hgrx6QzSsBcc8gBw4FcvuOlJLv/wPF+ADyYvW/gRv00kN222Qbj0CejvB2v
72jtzqVthgF4dNrb6IDVQphbv/1La8mro4TD5LF11EEn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:41 2025 by rpki-client